SEC_ERROR_EXPIRED_CERTIFICATE only for a specific port


#1

Hi,

I have a certificate installed via Certbot on my Debian 8 VPS, it is associated to my www and non-www domains, let’s say:

https://example.com and https://www.example.com
(http automatically redirects to https and www automatically redirect to the non-www)

My problem is that if I try to go to https://www.example.com:10000 I get this error:

example.com:10000 uses an invalid security certificate. The certificate expired on March 28, 2017 at 12:01 AM. The current time is April 11, 2017 at 10:40 AM. Error code: SEC_ERROR_EXPIRED_CERTIFICATE

But if I go to the normal domain, without specifying the port (so to 443 port) all seems ok, the cert says that its Period of Validity is from March 12, 2017 and June 11, 2017.

Anyone as idea of what’s going on?

Thanks


#2

Perhaps one of the virtualhosts (or the service running on port 10000) is referring to the certificate/private key in the /archive/ directory in stead of the symbolic links in /live/?

What service uses that port 10000 anyway? Is that service reloaded after the certificate renewal?


#3

IIRC, Webmin uses port 10000, and would require its own independent certificate configuration. https://www.digicert.com/ssl-certificate-installation-webmin.htm appears to describe the process. From that page, it doesn’t appear possible to simply point webmin to another existing cert file, but it shouldn’t be too hard to come up with a script automating those steps on renewal.


#4

@Osiris the path in the virtual host is referring to /live directory and as @danb35 says the 10000 port is used as default port by webmin. Thank you!


#5

Thank you @danb35 , finally I find that Webmin’s SSL Encription module actually support Let’s Encrypt.

I added a temporary exception to my browser to access Webmin panel bypassing the error, than I used the Request Certificate button in:

Webmin -> Webmin configuration -> SSL Encription -> Let’s Encrypt

Now all seems to be working properly.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.